This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft File: XTTdv33KsQy_aCKXkh61gS2QUHE.mft (raw, json) Hash identifier: TzR1pkbqTjD/O/cTRfQWcrazpsnQlRWNvpYBlCwimRw= Subject key identifier: BF:67:A1:82:4C:5C:7F:CB:46:6E:03:53:5C:CD:88:61:AD:76:9C:83 Authority key identifier: 5D:34:DD:BF:7D:CA:B1:0C:BF:68:22:97:92:1E:B5:81:2D:90:50:71 Certificate issuer: /CN=5d34ddbf7dcab10cbf682297921eb5812d905071 Certificate serial: 019B5976E0721ED71672C85DDEA8F51717C3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTTdv33KsQy_aCKXkh61gS2QUHE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft Manifest number: 0695 Signing time: Fri 26 Dec 2025 07:02:01 +0000 Manifest this update: Fri 26 Dec 2025 07:02:01 +0000 Manifest next update: Sat 27 Dec 2025 07:02:01 +0000 Files and hashes: 1: S6aYdrXE8VeCcP5w8D7hhhcOGoc.roa (hash: csN/l/mC6C7LyFwDFQUEKU3wX0HgZWqjImlEztzBO3Q=) 2: XTTdv33KsQy_aCKXkh61gS2QUHE.crl (hash: jhO9vzBidgRwe1/2K9QUG4xq9nSqDESjZK49eDedW94=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.crl rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft rsync://rpki.ripe.net/repository/DEFAULT/XTTdv33KsQy_aCKXkh61gS2QUHE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:76:e0:72:1e:d7:16:72:c8:5d:de:a8:f5:17:17:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5d34ddbf7dcab10cbf682297921eb5812d905071 Validity Not Before: Dec 26 07:02:01 2025 GMT Not After : Dec 27 07:02:01 2025 GMT Subject: CN=bf67a1824c5c7fcb466e03535ccd8861ad769c83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:e0:f4:8b:05:af:0b:0f:15:8f:e0:37:76:40: 22:a7:aa:b3:16:15:97:ad:fe:e1:ae:79:fb:0a:8d: a1:05:d5:58:79:29:62:5a:8d:ce:75:c5:1c:c2:6a: 90:b6:ae:33:cd:9c:69:a0:b5:2b:6a:80:05:1e:c5: 5a:9f:34:7e:db:e6:03:c9:36:1e:6c:73:a0:e9:3f: 40:a5:01:5c:14:32:84:88:a0:05:2a:da:aa:2f:ba: 1c:c5:6c:a2:6f:a7:44:50:e7:af:39:c5:98:33:21: eb:4b:a5:79:4c:51:e9:ca:d5:2a:b8:6a:bb:2c:56: f5:67:7e:3d:ea:8e:51:0e:b9:01:d6:b6:b7:8a:53: 0c:28:1c:4c:a4:7d:7e:0e:42:98:1d:08:84:34:88: dd:5f:63:77:df:6b:94:1a:c2:7f:25:ab:fe:59:4b: 7c:fb:2b:ca:22:52:75:d3:2a:10:91:2c:62:90:37: c1:50:93:01:ff:30:e2:d2:a3:94:a3:c7:5e:b8:67: 5e:83:1f:55:78:5b:33:d1:2a:ea:94:54:b3:c7:7f: f0:9f:a3:d4:76:c2:a9:a1:58:03:c6:77:41:d8:8c: c1:44:cc:d6:fa:d0:b4:e0:a1:20:50:3b:37:9a:a5: b2:68:37:1c:80:e8:cf:85:e2:eb:cd:5a:8d:15:39: 04:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:67:A1:82:4C:5C:7F:CB:46:6E:03:53:5C:CD:88:61:AD:76:9C:83 X509v3 Authority Key Identifier: keyid:5D:34:DD:BF:7D:CA:B1:0C:BF:68:22:97:92:1E:B5:81:2D:90:50:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTTdv33KsQy_aCKXkh61gS2QUHE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1970d-9f7e-4c4a-8b04-5cee6d5f1a12/1/XTTdv33KsQy_aCKXkh61gS2QUHE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3c:3d:36:c2:f7:f4:dd:a4:76:77:54:55:f6:ef:89:52:03:4b: 90:9f:39:e7:8f:93:b5:d9:fe:6f:06:60:ac:48:ae:6b:b8:ba: c5:17:fb:db:a7:86:cf:af:bd:ef:10:96:2c:15:8a:cc:78:b5: 75:95:8f:89:c2:7e:15:ba:0a:bf:68:b8:8b:86:fd:2b:89:35: 84:b7:1a:98:99:5d:31:e9:29:ab:78:d6:16:68:a9:67:df:8a: 60:de:84:48:6f:9f:49:ed:69:c3:b9:e1:25:9d:38:ae:6c:72: 3a:c5:6e:b3:ed:25:51:a8:6b:0d:ff:e5:85:3d:90:04:3e:84: 28:e7:3c:c7:54:3a:cf:92:f3:1d:b2:3b:04:2e:50:4b:32:e9: b3:26:e8:58:28:18:5c:80:5f:ba:ec:c3:7d:80:10:c3:7c:b0: e5:5e:80:57:7c:ee:74:7b:e9:2c:09:1f:fa:ee:57:26:63:7b: 01:17:24:cf:c9:65:af:8a:11:3f:52:b4:65:77:99:a8:7a:a1: 85:68:99:d3:4a:b0:b8:49:c2:c9:db:73:01:75:a5:ee:c4:d3: 45:c6:67:0d:ce:d9:ab:01:84:8d:bc:b6:8d:2b:a9:49:f3:2c: c8:47:01:da:17:f8:ca:d9:c9:93:a9:65:4b:24:0c:9c:06:24: 5e:76:f4:7a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZduByHtcWcshd3qj1FxfDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkMzRkZGJmN2RjYWIxMGNiZjY4MjI5NzkyMWViNTgxMmQ5 MDUwNzEwHhcNMjUxMjI2MDcwMjAxWhcNMjUxMjI3MDcwMjAxWjAzMTEwLwYDVQQD EyhiZjY3YTE4MjRjNWM3ZmNiNDY2ZTAzNTM1Y2NkODg2MWFkNzY5YzgzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+D0iwWvCw8Vj+A3dkAip6qzFhWX rf7hrnn7Co2hBdVYeSliWo3OdcUcwmqQtq4zzZxpoLUraoAFHsVanzR+2+YDyTYe bHOg6T9ApQFcFDKEiKAFKtqqL7ocxWyib6dEUOevOcWYMyHrS6V5TFHpytUquGq7 LFb1Z3496o5RDrkB1ra3ilMMKBxMpH1+DkKYHQiENIjdX2N332uUGsJ/Jav+WUt8 +yvKIlJ10yoQkSxikDfBUJMB/zDi0qOUo8deuGdegx9VeFsz0SrqlFSzx3/wn6PU dsKpoVgDxndB2IzBRMzW+tC04KEgUDs3mqWyaDccgOjPheLrzVqNFTkEXwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL9noYJMXH/LRm4DU1zNiGGtdpyDMB8GA1UdIwQY MBaAFF003b99yrEMv2gil5IetYEtkFBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFRUZHYzM0tzUXlfYUNLWGtoNjFnUzJRVUhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMTk3MGQtOWY3ZS00YzRhLThiMDQt NWNlZTZkNWYxYTEyLzEvWFRUZHYzM0tzUXlfYUNLWGtoNjFnUzJRVUhFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOC9iMTk3MGQtOWY3ZS00YzRhLThiMDQtNWNlZTZkNWYxYTEy LzEvWFRUZHYzM0tzUXlfYUNLWGtoNjFnUzJRVUhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPD02wvf0 3aR2d1RV9u+JUgNLkJ8554+Ttdn+bwZgrEiua7i6xRf726eGz6+97xCWLBWKzHi1 dZWPicJ+FboKv2i4i4b9K4k1hLcamJldMekpq3jWFmipZ9+KYN6ESG+fSe1pw7nh JZ04rmxyOsVus+0lUahrDf/lhT2QBD6EKOc8x1Q6z5LzHbI7BC5QSzLpsyboWCgY XIBfuuzDfYAQw3yw5V6AV3zudHvpLAkf+u5XJmN7ARckz8llr4oRP1K0ZXeZqHqh hWiZ00qwuEnCydtzAXWl7sTTRcZnDc7ZqwGEjby2jSupSfMsyEcB2hf4ytnJk6ll SyQMnAYkXnb0eg== -----END CERTIFICATE-----Generated at Fri Dec 26 15:47:25 2025 by rpki-client